Getting Started with Backing up Data in Microsoft 365, Understanding the Limitations
So, you’ve decided to jump straight into the deep-end and backup your data in Microsoft 365. But first, what does that even mean?
Are you planning to back up user’s workstations to OneDrive or embrace the way Microsoft 365 is architected to provide similar or better capacities than a traditional backup product could provide? If yes, then make sure you are aware you do need to configure your tenant and we’ll cover more on that in the next in this series.
Now, while there is nothing wrong with using a third-party backup product with Microsoft 365, remember most organizations don’t back up the service, yet. There are arguments to be made for and against backing up your Microsoft 365 data but that is a decision that you and your organization need to decide.
So, if you are going to backup your data for an additional layer of protection – here is what you need to consider before you dive down the rabbit hole.
Devolutions Remote Desktop Manager
Devolutions RDM centralizes all remote connections on a single platform that is securely shared between users and across the entire team. With support for hundreds of integrated technologies — including multiple protocols and VPNs — along with built-in enterprise-grade password management tools, global and granular-level access controls, and robust mobile apps to complement desktop clients.
Sponsored Post Links: Afi.ai provides a modern solution for backing up Office 365 including full Teams support, SharePoint and OneDrive file metadata and sharing permissions, and many other advanced and modern features.
Stop and think first
If you were around in the 90s, then you’ll remember the smash-hit game Lemmings. Based on mythical creatures that follow each other over cliff edges inside the circuit boards of Amiga 500s, these pixel-based animals would do anything the mouse told them so long as was either walk left or right.
If you have a salesperson using horror stories about Microsoft 365 data loss to sell you a backup product – then before you sign on the dotted line make sure you aren’t the Lemming, and let me be the mouse building a bridge so you can safely avoid falling off the cliff.
Therefore, if you are set on backing up Microsoft 365 using a third-party tool, then make sure your eyes are wide open and you know the red flags to watch for, and the limitations all services have, so at the very least you know what you will and won’t get.
Keep your eyes out for red flags
Thankfully, most Microsoft 365 backup vendors are decent companies trying to provide useful products that fit a niche need. There isn’t a vendor I’ve encountered that provides false information about what their tool can or cannot do, either.
The red flags are both more subtle and more obvious. Your biggest red flag to watch for with any backup vendor is one that uses a statement like this one:
Section 6 of Microsoft’s own Services Agreement states: “We recommend you regularly back up your content and data . . . using third-party apps and services.”
If you see this statement on a vendor’s website, run and don’t look back. This means that the vendor is either:
- Trying to mislead you
- Incompetent enough to read the wrong services agreement
Obviously, a vendor selling Microsoft 365 backup products to businesses is not trying to sell you a product to backup your personal Hotmail, OneDrive or Xbox Live data, right? So – why would they quote Microsoft’s consumer services agreement, rather than the actual agreement for the Business and Enterprise services. Check it out here and scroll down to the list of services covered or the FAQ that clearly states the “Microsoft Services Agreement does not apply to products and services dedicated to business customers, including Microsoft 365 for business, education or government customers, Azure, Yammer or Skype for Business.”
Often errors like this are explained by incompetence, but if they studied the agreement in enough detail to pick out that text, then surely the Bing, Xbox, and other big headings would have given them pause for thought? Who knows – I’ll let you make up your own mind.
Next on the red flag list – look at the services that the backup vendor offers to backup and restore. If it claims to be an Office 365 backup product, but only covers Exchange Online, you should ask several questions:
- What year is it? Have I accidentally traveled back in time to 2011?
- Why is this vendor only covering one service in Microsoft 365? Don’t they know it includes other services that can be backed up and restored?
There’s one exception to the rule here, and that’s mail continuity services. They do get a pass here because they provide what is fundamentally not a backup product, but a continuity product, but they are trying to capture the market for passing trade looking for Office 365 backup products. And unlike a traditional backup product, you can use an email continuity service almost immediately if you have issues accessing Exchange Online.
Other, traditional backup vendors though – especially the ones with a rich on-premises history and client base – will have at some point in the past, one suspects, updated their Exchange On-Premises “brick-level” backup product to work with Exchange Online and then stamped “Office 365 backup” on the product page and spent more time selling it to customers than actually developing the product further. Products like those should probably join our aforementioned Lemmings and disappear off a cliff – but they won’t until people stop buying them.
Limitations all Microsoft backup vendors have to adhere to
Fundamentally Microsoft 365 is a SaaS (Software as a Service) product, and in the last article, I explained how you are buying a service with an SLA designed and architected for high availability of your data.
Microsoft designs the service now as a cloud-first service and in many cases, like Teams, for example, there is not an on-premises equivalent nor a native fully-features migration API. This means quite simply that you can’t back up the entirety of Microsoft 365 nor restore it, much like most other true SaaS offerings.
You can backup services including:
- Exchange Online
- SharePoint Online
- OneDrive for Business
- Microsoft Teams channel chats
- Planner, and data residing in OneDrive and SharePoint for services like Forms
- Configuration of the tenant that can be applied using PowerShell or the Graph API
- Audit logs and other data, though these would normally be captured by a dedicated product
A backup product is useless if you cannot restore. Unfortunately, Microsoft Teams is a service where although data can be extracted, it is difficult to restore. Using the production APIs, the best a service can achieve is a rudimentary restore of messages by re-posting the messages into a channel as a service account.
And, be warned that some products on the market “backup” Teams by taking a copy of the messages journaled to Exchange Online, which means restore is even more unlikely, and some items not captured for compliance won’t be included.
Most cloud-based SaaS backup vendors do cover Exchange, SharePoint, OneDrive, and Teams data. Very few, if any – I believe only one vendor – covers Planner data, and there are other methods, such as using PowerShell scripts, to capture the overall configuration separately.
The second key limitation to be aware of is data transfer speeds. If you migrated into Microsoft 365, then you will understand how long data migrations can take. If your data volumes have grown since migration, then a full site or mailbox restore will take an extended amount of time, and a full restore of data will almost certainly not fit within common internal SLAs governing data recovery. Even if you back up to a third-party service, it might only be your “hail mary” if the native recovery tools fail.
To gain an insight into the limitations, Microsoft’s migration performance guide provides a good indication of the best-case restore times you should expect to see; although it talks about migration, remember the same APIs are used. As you’ll often be restoring Office files, then the 1TB per day “medium” figure is reasonable. If you consider that 100TB of data in a small or midsize tenant isn’t unusual, you can do the maths and work out potential restore times.
Your best way to mitigate against some of the potential restore time issues will almost certainly be to use a cloud-based SaaS backup service. Whilst this opens questions about security and compliance in the backup service itself – as many will not have the same resources as Microsoft to secure their service – it does provide a measure of guarantee of consistent migration performance that will be uninhibited by on-premises infrastructure.
Fundamentally, understanding the limitations of each backup product is critical before selecting one, and after examining the products on the market, remember that for most companies across all industries, you probably don’t need to choose a backup product. Therefore, examine what is available on the market and the true capabilities of each, ignoring the brochure and focusing on the technical capabilities – then re-examine what Microsoft 365 provides as part of the service and make an informed decision.